﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;

namespace NCKH.Admin
{
    public partial class Capdetai_Sua : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            if (!IsPostBack)
                if (Request.QueryString["pid"] != null)
                {
                    int capdetaiID = Convert.ToInt32(Request.QueryString["pid"]);
                    hiencapdetai(capdetaiID);
                }
        }

        private void hiencapdetai(int capdetaiID)
        {
            string connectionString = ConfigurationManager.ConnectionStrings["NCKH"].ConnectionString;
            string sqlSelect = "SELECT MacapDT, TencapDT"
                + " FROM PHANCAPDETAI"
                + " WHERE MacapDT=" + capdetaiID;//de phong Sql INJECTION
            using (SqlConnection Cnn = new SqlConnection(connectionString))
            {
                using (SqlCommand Cmd = new SqlCommand(sqlSelect, Cnn))
                {
                    Cmd.CommandType = CommandType.Text;
                    Cnn.Open();
                    using (SqlDataReader rd = Cmd.ExecuteReader())
                    {
                        if (rd.HasRows && rd.Read())
                        {
                            txtcapdetai.Text = rd["TencapDT"].ToString();
                            ibtSua.CommandArgument = capdetaiID.ToString();
                        }
                        rd.Close();
                    }
                    Cnn.Close();
                }
            }
        }
        protected void ibtHuy_Click(object sender, EventArgs e)
        {
            txtcapdetai.Text
                 = string.Empty;
            txtcapdetai.Focus();
            Response.Redirect("Capdetai.aspx");
        }

        protected void ibtSua_Click(object sender, EventArgs e)
        {
            string connectionString = ConfigurationManager.ConnectionStrings["NCKH"].ConnectionString;
            using (SqlConnection Cnn = new SqlConnection(connectionString))
            {
                using (SqlCommand Cmd = new SqlCommand("Sua_capdetai", Cnn))
                {
                    Cmd.CommandType = CommandType.StoredProcedure;
                    Cmd.Parameters.AddWithValue("@MacapDT", ibtSua.CommandArgument);
                    Cmd.Parameters.AddWithValue("@TencapDT", txtcapdetai.Text);
                    Cnn.Open();
                    Cmd.ExecuteNonQuery();
                    Cnn.Close();
                }
            }
            Response.Redirect("Capdetai.aspx");
        }
    }
}